[SECURITY] Fedora 41 Update: fcgi-2.4.7-1.fc41

FastCGI is a language independent, scalable, open extension to CGI that provides high performance without the limitations of server specific APIs...

EUVD-2005-2196

Malware in sbrugna...

PT-2024-40269 · Typo3 · Typo3

Name of the Vulnerable Software and Affected Versions: TYPO3 affected versions not specified Description: The issue allows backend users to upload certain file types, including .phar, .shtml, .pl, or .cgi files, due to missing file extensions in the $GLOBALS'TYPO3 CONF VARS''BE''fileDenyPattern'...

Authentication flaw

An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FWiB-LR7011A1.0.2 devices potentially allows attackers to directly access administrative router settings by crafting URLs with a .cgi extension, as demonstrated by /info.cgi and /password.cgi...

CVE-2017-14244

An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FWiB-LR7011A1.0.2 devices potentially allows attackers to directly access administrative router settings by crafting URLs with a .cgi extension, as demonstrated by /info.cgi and /password.cgi...

CVE-2017-14244

An authentication bypass vulnerability on iBall Baton ADSL2+ Home Router FWiB-LR7011A1.0.2 devices potentially allows attackers to directly access administrative router settings by crafting URLs with a .cgi extension, as demonstrated by /info.cgi and /password.cgi...

FoxWeb 2.5 PATH_INFO Remote Buffer Overrun Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8547/info FoxWeb is prone to a remotely exploitable buffer overrun vulnerability. This is due to insufficient bounds checking of user-supplied PATHINFO data to the Foxweb CGI and ISAPI extension. Successful exploitation...

CVE-2005-2195

Apple Darwin Streaming Server 5.5 and earlier allows remote attackers to cause a denial of service application crash via a URL with a filename containing a .cgi extension and an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1, a different vulnerability than CVE-2003-0421 and CVE-2003-0502...

OmniHTTPd 1.1/2.0.x/2.4 - Sample Application URL Encoded Newline HTML Injection

source: https://www.securityfocus.com/bid/5572/info OmniHTTPD is a webserver for Microsoft Windows operating systems. OmniHTTPD supports a number of CGI extensions which provide dynamic content. A HTML injection vulnerability has been reported in the '/cgi-bin/redir.exe' sample CGI included with...

FreeBSD-SA-00:60.boa

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:60 Security Advisory FreeBSD, Inc. Topic: boa web server allows arbitrary file access/execution Category: ports Module: boa Announced: 2000-10-30 Credits: Lluis Mora...